AOS-CX 10.07 ACLs and Classifier Policies Guide Help Center
Defining and applying an IPv4 ACL
Procedure
- Begin defining an IPv4 ACL named FILTER_TO_HOST_B:
- Add an ACE that denies access from IP address 192.168.1.2 (Host A) to 192.168.2.2 (Host B):
- Add an ACE that allows access from all other IP addresses:
- Exit the ACL definition:
- Enter the context of the interface to which you will apply the ACL:
- Apply the FILTER_TO_HOST_B ACL to inbound (ingress) traffic:
- Show your ACL:
switch(config-if)# exit switch# show access-list ip FILTER_TO_HOST_B Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- IPv4 FILTER_TO_HOST_B 10 deny any 192.168.1.2 192.168.2.2 Logging: enabled Hit-counts: enabled 20 permit any any any -------------------------------------------------------------------------------
switch(config)# access-list ip FILTER_TO_HOST_B
switch(config-acl-ip)# deny any 192.168.1.2 192.168.2.2 log
switch(config-acl-ip)# permit any any any
switch(config-acl-ip)# exit
switch(config)# interface 1/1/1
switch(config-if)# apply access-list ip FILTER_TO_HOST_B in